Comment by vladms

9 days ago

You can do a bad job with public or private cloud. What if they would have had the backup and lost the encryption key?

Cost wise probably having even a Korean different data center backup would not have been huge effort, but not doing it exposed them to a huge risk.

Then they didn't have a correct backup to begin with; for high profile organizations like that, they need to practice outages and data recovery as routine.

...in an ideal world anyway, in practice I've never seen a disaster recovery training. I've had fire drills plenty of times though.